How to Encrypt Android & iOS Data with FIPS 140-2

Learn the 3 Easy Steps to Encrypt Android & iOS Data with FIPS 140-2. Meet NIST & FirstNet encryption requirements. No Code, No SDK, Continuous Security.

What is FIPS 140-2 Encryption in iOS and Android apps

The Federal Information Processing Standard  Publication 140-2 (FIPS 140-2) is a U.S. government computer security standard used to approve cryptographic modules.

This Knowledge Base article provides a survey of Appdome’s FIPS functionality and explains how to add FIPS 140-2 Cryptographic modules to any mobile app – instantly, without coding.

We hope you find it useful and enjoy using Appdome!

Adding FIPS 140-2 Cryptographic Modules is part of the Appdome Mobile Security Suite. You can find it under TOTALDataTM Encryption. Appdome uses the FIPS 140-2 certified versions of the commercially available encryption libraries. These libraries (OpenSSL’s libcrypto and libssl) have themselves undergone FIPS certification.

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily implement FIPS 140-2 Compliant Cryptographic Modules to any mobile app – instantly, no code or coding required.

3 Easy Steps to Encrypt Android & iOS Data with FIPS 140-2

Follow these 3 Easy Steps to Encrypt Android & iOS Data with FIPS 140-2

  1. Upload a mobile app to your Appdome account. (.apk, .aab, or .ipa)
  2. Go to the Build tab., Select the Security tab, Expand TOTALDataTM Encryption, and Enable FIPS 140-2 Cryptographic Modules.
  3. Click Build My App.

FIPS 140-2 encryption ios and android

Note: the FIPS 140-2 Cryptographic Modules toggle, also appears under Secure Communication, when Trusted Session is enabled:

FIPS 140-2 encryption ios and android apps

FIPS 140-2 Compliant Security Features on Appdome

The following Appdome features make use of FIPS 140-2 compliant cryptography:

  • Appdome’s TOTALData™Encryption makes use of FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
  • Appdome’s Trusted session inspection uses FIPS 140-2 compliant certificate and certificate-chain verification methods (X509_verify_cert). In addition, only FIPS 140-2 compliant encryption and hash algorithms will be used in the said handshake.
  • Appdome’s Copy/Paste protection makes use of FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
  • ONEShield:
    • Appdome’s Checksum validation computes and verifies only using FIPS 140-2 approved checksum algorithms (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224and SHA-512/256).
    • Appdome encrypts the strings and resources of the application using FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
    • Appdome’s Non-native code obfuscation makes use of FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.
  • MicroVPN:
    Appdome uses only FIPS 140-2 compliant cryptographic functions when establishing TLS connections. When used in Session Hardening mode, the outward facing connection will be established using FIPS 140-2 cryptographic functions, so in effect, this makes all outgoing TLS connections FIPS 140-2 compliant.
  • Appdome’s Cross-App ID encrypts the shared state using FIPS 140-2 compliant RNG to generate unique IVs (Initial Vectors), and the AES256 block-cipher.

Prerequisites for Encrypt Android & iOS Data with FIPS 140-2

Here’s what you need to build secured apps with FIPS 140-2 Encryption. 

No Coding Dependency

Using Appdome, there are no development or coding prerequisites to build secured apps with FIPS 140-2 Encryption. There is no SDK and no library to manually code or implement in the app. The Appdome technology adds the relevant standards, frameworks, and logic to the app automatically, with no manual development work at all.

How to Sign & Publish Secured Mobile Apps Built on Appdome  

After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include 

Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome. 

 How to Learn More

Check out the full menu of features in the Appdome Mobile Security Suite

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Or request a demo at any time.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Paul Levasseur

Have a question?

Ask an expert

HilaMaking your security project a success!

Get Your Copy
2021 Global Mobile
Consumer Security
Survey